PageRenderTime 69ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 1ms

/phpBB/includes/functions.php

http://github.com/phpbb/phpbb3
PHP | 4370 lines | 3099 code | 504 blank | 767 comment | 435 complexity | 3f9c5c3c1d37fdfa22144f6c87bea30f MD5 | raw file
Possible License(s): AGPL-1.0

Large files files are truncated, but you can click here to view the full file

    

  1. <?php
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * This file is part of the phpBB Forum Software package.
    5. 

  5. *
    6. 

  6. * @copyright (c) phpBB Limited <https://www.phpbb.com>
    7. 

  7. * @license GNU General Public License, version 2 (GPL-2.0)
    8. 

  8. *
    9. 

  9. * For full copyright and license information, please see
    10. 

  10. * the docs/CREDITS.txt file.
    11. 

  11. *
    12. 

  12. */
    13. 

  13. 

  14. /**
    15. 

  15. * @ignore
    16. 

  16. */
    17. 

  17. if (!defined('IN_PHPBB'))
    18. 

  18. {
    19. 

  19. 	exit;
    20. 

  20. }
    21. 

  21. 

  22. // Common global functions
    23. 

  23. /**
    24. 

  24. * Generates an alphanumeric random string of given length
    25. 

  25. *
    26. 

  26. * @param int $num_chars Length of random string, defaults to 8.
    27. 

  27. * This number should be less or equal than 64.
    28. 

  28. *
    29. 

  29. * @return string
    30. 

  30. */
    31. 

  31. function gen_rand_string($num_chars = 8)
    32. 

  32. {
    33. 

  33. 	$range = array_merge(range('A', 'Z'), range(0, 9));
    34. 

  34. 	$size = count($range);
    35. 

  35. 

  36. 	$output = '';
    37. 

  37. 	for ($i = 0; $i < $num_chars; $i++)
    38. 

  38. 	{
    39. 

  39. 		$rand = random_int(0, $size-1);
    40. 

  40. 		$output .= $range[$rand];
    41. 

  41. 	}
    42. 

  42. 

  43. 	return $output;
    44. 

  44. }
    45. 

  45. 

  46. /**
    47. 

  47. * Generates a user-friendly alphanumeric random string of given length
    48. 

  48. * We remove 0 and O so users cannot confuse those in passwords etc.
    49. 

  49. *
    50. 

  50. * @param int $num_chars Length of random string, defaults to 8.
    51. 

  51. * This number should be less or equal than 64.
    52. 

  52. *
    53. 

  53. * @return string
    54. 

  54. */
    55. 

  55. function gen_rand_string_friendly($num_chars = 8)
    56. 

  56. {
    57. 

  57. 	$range = array_merge(range('A', 'N'), range('P', 'Z'), range(1, 9));
    58. 

  58. 	$size = count($range);
    59. 

  59. 

  60. 	$output = '';
    61. 

  61. 	for ($i = 0; $i < $num_chars; $i++)
    62. 

  62. 	{
    63. 

  63. 		$rand = random_int(0, $size-1);
    64. 

  64. 		$output .= $range[$rand];
    65. 

  65. 	}
    66. 

  66. 

  67. 	return $output;
    68. 

  68. }
    69. 

  69. 

  70. /**
    71. 

  71. * Return unique id
    72. 

  72. */
    73. 

  73. function unique_id()
    74. 

  74. {
    75. 

  75. 	return strtolower(gen_rand_string(16));
    76. 

  76. }
    77. 

  77. 

  78. /**
    79. 

  79. * Wrapper for mt_rand() which allows swapping $min and $max parameters.
    80. 

  80. *
    81. 

  81. * PHP does not allow us to swap the order of the arguments for mt_rand() anymore.
    82. 

  82. * (since PHP 5.3.4, see http://bugs.php.net/46587)
    83. 

  83. *
    84. 

  84. * @param int $min		Lowest value to be returned
    85. 

  85. * @param int $max		Highest value to be returned
    86. 

  86. *
    87. 

  87. * @return int			Random integer between $min and $max (or $max and $min)
    88. 

  88. */
    89. 

  89. function phpbb_mt_rand($min, $max)
    90. 

  90. {
    91. 

  91. 	return ($min > $max) ? mt_rand($max, $min) : mt_rand($min, $max);
    92. 

  92. }
    93. 

  93. 

  94. /**
    95. 

  95. * Wrapper for getdate() which returns the equivalent array for UTC timestamps.
    96. 

  96. *
    97. 

  97. * @param int $time		Unix timestamp (optional)
    98. 

  98. *
    99. 

  99. * @return array			Returns an associative array of information related to the timestamp.
    100. 

  100. *						See http://www.php.net/manual/en/function.getdate.php
    101. 

  101. */
    102. 

  102. function phpbb_gmgetdate($time = false)
    103. 

  103. {
    104. 

  104. 	if ($time === false)
    105. 

  105. 	{
    106. 

  106. 		$time = time();
    107. 

  107. 	}
    108. 

  108. 

  109. 	// getdate() interprets timestamps in local time.
    110. 

  110. 	// What follows uses the fact that getdate() and
    111. 

  111. 	// date('Z') balance each other out.
    112. 

  112. 	return getdate($time - date('Z'));
    113. 

  113. }
    114. 

  114. 

  115. /**
    116. 

  116. * Return formatted string for filesizes
    117. 

  117. *
    118. 

  118. * @param mixed	$value			filesize in bytes
    119. 

  119. *								(non-negative number; int, float or string)
    120. 

  120. * @param bool	$string_only	true if language string should be returned
    121. 

  121. * @param array	$allowed_units	only allow these units (data array indexes)
    122. 

  122. *
    123. 

  123. * @return mixed					data array if $string_only is false
    124. 

  124. */
    125. 

  125. function get_formatted_filesize($value, $string_only = true, $allowed_units = false)
    126. 

  126. {
    127. 

  127. 	global $user;
    128. 

  128. 

  129. 	$available_units = array(
    130. 

  130. 		'tb' => array(
    131. 

  131. 			'min' 		=> 1099511627776, // pow(2, 40)
    132. 

  132. 			'index'		=> 4,
    133. 

  133. 			'si_unit'	=> 'TB',
    134. 

  134. 			'iec_unit'	=> 'TIB',
    135. 

  135. 		),
    136. 

  136. 		'gb' => array(
    137. 

  137. 			'min' 		=> 1073741824, // pow(2, 30)
    138. 

  138. 			'index'		=> 3,
    139. 

  139. 			'si_unit'	=> 'GB',
    140. 

  140. 			'iec_unit'	=> 'GIB',
    141. 

  141. 		),
    142. 

  142. 		'mb' => array(
    143. 

  143. 			'min'		=> 1048576, // pow(2, 20)
    144. 

  144. 			'index'		=> 2,
    145. 

  145. 			'si_unit'	=> 'MB',
    146. 

  146. 			'iec_unit'	=> 'MIB',
    147. 

  147. 		),
    148. 

  148. 		'kb' => array(
    149. 

  149. 			'min'		=> 1024, // pow(2, 10)
    150. 

  150. 			'index'		=> 1,
    151. 

  151. 			'si_unit'	=> 'KB',
    152. 

  152. 			'iec_unit'	=> 'KIB',
    153. 

  153. 		),
    154. 

  154. 		'b' => array(
    155. 

  155. 			'min'		=> 0,
    156. 

  156. 			'index'		=> 0,
    157. 

  157. 			'si_unit'	=> 'BYTES', // Language index
    158. 

  158. 			'iec_unit'	=> 'BYTES',  // Language index
    159. 

  159. 		),
    160. 

  160. 	);
    161. 

  161. 

  162. 	foreach ($available_units as $si_identifier => $unit_info)
    163. 

  163. 	{
    164. 

  164. 		if (!empty($allowed_units) && $si_identifier != 'b' && !in_array($si_identifier, $allowed_units))
    165. 

  165. 		{
    166. 

  166. 			continue;
    167. 

  167. 		}
    168. 

  168. 

  169. 		if ($value >= $unit_info['min'])
    170. 

  170. 		{
    171. 

  171. 			$unit_info['si_identifier'] = $si_identifier;
    172. 

  172. 

  173. 			break;
    174. 

  174. 		}
    175. 

  175. 	}
    176. 

  176. 	unset($available_units);
    177. 

  177. 

  178. 	for ($i = 0; $i < $unit_info['index']; $i++)
    179. 

  179. 	{
    180. 

  180. 		$value /= 1024;
    181. 

  181. 	}
    182. 

  182. 	$value = round($value, 2);
    183. 

  183. 

  184. 	// Lookup units in language dictionary
    185. 

  185. 	$unit_info['si_unit'] = (isset($user->lang[$unit_info['si_unit']])) ? $user->lang[$unit_info['si_unit']] : $unit_info['si_unit'];
    186. 

  186. 	$unit_info['iec_unit'] = (isset($user->lang[$unit_info['iec_unit']])) ? $user->lang[$unit_info['iec_unit']] : $unit_info['iec_unit'];
    187. 

  187. 

  188. 	// Default to IEC
    189. 

  189. 	$unit_info['unit'] = $unit_info['iec_unit'];
    190. 

  190. 

  191. 	if (!$string_only)
    192. 

  192. 	{
    193. 

  193. 		$unit_info['value'] = $value;
    194. 

  194. 

  195. 		return $unit_info;
    196. 

  196. 	}
    197. 

  197. 

  198. 	return $value  . ' ' . $unit_info['unit'];
    199. 

  199. }
    200. 

  200. 

  201. /**
    202. 

  202. * Determine whether we are approaching the maximum execution time. Should be called once
    203. 

  203. * at the beginning of the script in which it's used.
    204. 

  204. * @return	bool	Either true if the maximum execution time is nearly reached, or false
    205. 

  205. *					if some time is still left.
    206. 

  206. */
    207. 

  207. function still_on_time($extra_time = 15)
    208. 

  208. {
    209. 

  209. 	static $max_execution_time, $start_time;
    210. 

  210. 

  211. 	$current_time = microtime(true);
    212. 

  212. 

  213. 	if (empty($max_execution_time))
    214. 

  214. 	{
    215. 

  215. 		$max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time');
    216. 

  216. 

  217. 		// If zero, then set to something higher to not let the user catch the ten seconds barrier.
    218. 

  218. 		if ($max_execution_time === 0)
    219. 

  219. 		{
    220. 

  220. 			$max_execution_time = 50 + $extra_time;
    221. 

  221. 		}
    222. 

  222. 

  223. 		$max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50);
    224. 

  224. 

  225. 		// For debugging purposes
    226. 

  226. 		// $max_execution_time = 10;
    227. 

  227. 

  228. 		global $starttime;
    229. 

  229. 		$start_time = (empty($starttime)) ? $current_time : $starttime;
    230. 

  230. 	}
    231. 

  231. 

  232. 	return (ceil($current_time - $start_time) < $max_execution_time) ? true : false;
    233. 

  233. }
    234. 

  234. 

  235. /**
    236. 

  236. * Wrapper for version_compare() that allows using uppercase A and B
    237. 

  237. * for alpha and beta releases.
    238. 

  238. *
    239. 

  239. * See http://www.php.net/manual/en/function.version-compare.php
    240. 

  240. *
    241. 

  241. * @param string $version1		First version number
    242. 

  242. * @param string $version2		Second version number
    243. 

  243. * @param string $operator		Comparison operator (optional)
    244. 

  244. *
    245. 

  245. * @return mixed					Boolean (true, false) if comparison operator is specified.
    246. 

  246. *								Integer (-1, 0, 1) otherwise.
    247. 

  247. */
    248. 

  248. function phpbb_version_compare($version1, $version2, $operator = null)
    249. 

  249. {
    250. 

  250. 	$version1 = strtolower($version1);
    251. 

  251. 	$version2 = strtolower($version2);
    252. 

  252. 

  253. 	if (is_null($operator))
    254. 

  254. 	{
    255. 

  255. 		return version_compare($version1, $version2);
    256. 

  256. 	}
    257. 

  257. 	else
    258. 

  258. 	{
    259. 

  259. 		return version_compare($version1, $version2, $operator);
    260. 

  260. 	}
    261. 

  261. }
    262. 

  262. 

  263. // functions used for building option fields
    264. 

  264. 

  265. /**
    266. 

  266. * Pick a language, any language ...
    267. 

  267. */
    268. 

  268. function language_select($default = '')
    269. 

  269. {
    270. 

  270. 	global $db;
    271. 

  271. 

  272. 	$sql = 'SELECT lang_iso, lang_local_name
    273. 

  273. 		FROM ' . LANG_TABLE . '
    274. 

  274. 		ORDER BY lang_english_name';
    275. 

  275. 	$result = $db->sql_query($sql);
    276. 

  276. 

  277. 	$lang_options = '';
    278. 

  278. 	while ($row = $db->sql_fetchrow($result))
    279. 

  279. 	{
    280. 

  280. 		$selected = ($row['lang_iso'] == $default) ? ' selected="selected"' : '';
    281. 

  281. 		$lang_options .= '<option value="' . $row['lang_iso'] . '"' . $selected . '>' . $row['lang_local_name'] . '</option>';
    282. 

  282. 	}
    283. 

  283. 	$db->sql_freeresult($result);
    284. 

  284. 

  285. 	return $lang_options;
    286. 

  286. }
    287. 

  287. 

  288. /**
    289. 

  289. * Pick a template/theme combo,
    290. 

  290. */
    291. 

  291. function style_select($default = '', $all = false)
    292. 

  292. {
    293. 

  293. 	global $db;
    294. 

  294. 

  295. 	$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
    296. 

  296. 	$sql = 'SELECT style_id, style_name
    297. 

  297. 		FROM ' . STYLES_TABLE . "
    298. 

  298. 		$sql_where
    299. 

  299. 		ORDER BY style_name";
    300. 

  300. 	$result = $db->sql_query($sql);
    301. 

  301. 

  302. 	$style_options = '';
    303. 

  303. 	while ($row = $db->sql_fetchrow($result))
    304. 

  304. 	{
    305. 

  305. 		$selected = ($row['style_id'] == $default) ? ' selected="selected"' : '';
    306. 

  306. 		$style_options .= '<option value="' . $row['style_id'] . '"' . $selected . '>' . $row['style_name'] . '</option>';
    307. 

  307. 	}
    308. 

  308. 	$db->sql_freeresult($result);
    309. 

  309. 

  310. 	return $style_options;
    311. 

  311. }
    312. 

  312. 

  313. /**
    314. 

  314. * Format the timezone offset with hours and minutes
    315. 

  315. *
    316. 

  316. * @param	int		$tz_offset	Timezone offset in seconds
    317. 

  317. * @param	bool	$show_null	Whether null offsets should be shown
    318. 

  318. * @return	string		Normalized offset string:	-7200 => -02:00
    319. 

  319. *													16200 => +04:30
    320. 

  320. */
    321. 

  321. function phpbb_format_timezone_offset($tz_offset, $show_null = false)
    322. 

  322. {
    323. 

  323. 	$sign = ($tz_offset < 0) ? '-' : '+';
    324. 

  324. 	$time_offset = abs($tz_offset);
    325. 

  325. 

  326. 	if ($time_offset == 0 && $show_null == false)
    327. 

  327. 	{
    328. 

  328. 		return '';
    329. 

  329. 	}
    330. 

  330. 

  331. 	$offset_seconds	= $time_offset % 3600;
    332. 

  332. 	$offset_minutes	= $offset_seconds / 60;
    333. 

  333. 	$offset_hours	= ($time_offset - $offset_seconds) / 3600;
    334. 

  334. 

  335. 	$offset_string	= sprintf("%s%02d:%02d", $sign, $offset_hours, $offset_minutes);
    336. 

  336. 	return $offset_string;
    337. 

  337. }
    338. 

  338. 

  339. /**
    340. 

  340. * Compares two time zone labels.
    341. 

  341. * Arranges them in increasing order by timezone offset.
    342. 

  342. * Places UTC before other timezones in the same offset.
    343. 

  343. */
    344. 

  344. function phpbb_tz_select_compare($a, $b)
    345. 

  345. {
    346. 

  346. 	$a_sign = $a[3];
    347. 

  347. 	$b_sign = $b[3];
    348. 

  348. 	if ($a_sign != $b_sign)
    349. 

  349. 	{
    350. 

  350. 		return $a_sign == '-' ? -1 : 1;
    351. 

  351. 	}
    352. 

  352. 

  353. 	$a_offset = substr($a, 4, 5);
    354. 

  354. 	$b_offset = substr($b, 4, 5);
    355. 

  355. 	if ($a_offset == $b_offset)
    356. 

  356. 	{
    357. 

  357. 		$a_name = substr($a, 12);
    358. 

  358. 		$b_name = substr($b, 12);
    359. 

  359. 		if ($a_name == $b_name)
    360. 

  360. 		{
    361. 

  361. 			return 0;
    362. 

  362. 		}
    363. 

  363. 		else if ($a_name == 'UTC')
    364. 

  364. 		{
    365. 

  365. 			return -1;
    366. 

  366. 		}
    367. 

  367. 		else if ($b_name == 'UTC')
    368. 

  368. 		{
    369. 

  369. 			return 1;
    370. 

  370. 		}
    371. 

  371. 		else
    372. 

  372. 		{
    373. 

  373. 			return $a_name < $b_name ? -1 : 1;
    374. 

  374. 		}
    375. 

  375. 	}
    376. 

  376. 	else
    377. 

  377. 	{
    378. 

  378. 		if ($a_sign == '-')
    379. 

  379. 		{
    380. 

  380. 			return $a_offset > $b_offset ? -1 : 1;
    381. 

  381. 		}
    382. 

  382. 		else
    383. 

  383. 		{
    384. 

  384. 			return $a_offset < $b_offset ? -1 : 1;
    385. 

  385. 		}
    386. 

  386. 	}
    387. 

  387. }
    388. 

  388. 

  389. /**
    390. 

  390. * Return list of timezone identifiers
    391. 

  391. * We also add the selected timezone if we can create an object with it.
    392. 

  392. * DateTimeZone::listIdentifiers seems to not add all identifiers to the list,
    393. 

  393. * because some are only kept for backward compatible reasons. If the user has
    394. 

  394. * a deprecated value, we add it here, so it can still be kept. Once the user
    395. 

  395. * changed his value, there is no way back to deprecated values.
    396. 

  396. *
    397. 

  397. * @param	string		$selected_timezone		Additional timezone that shall
    398. 

  398. *												be added to the list of identiers
    399. 

  399. * @return		array		DateTimeZone::listIdentifiers and additional
    400. 

  400. *							selected_timezone if it is a valid timezone.
    401. 

  401. */
    402. 

  402. function phpbb_get_timezone_identifiers($selected_timezone)
    403. 

  403. {
    404. 

  404. 	$timezones = DateTimeZone::listIdentifiers();
    405. 

  405. 

  406. 	if (!in_array($selected_timezone, $timezones))
    407. 

  407. 	{
    408. 

  408. 		try
    409. 

  409. 		{
    410. 

  410. 			// Add valid timezones that are currently selected but not returned
    411. 

  411. 			// by DateTimeZone::listIdentifiers
    412. 

  412. 			$validate_timezone = new DateTimeZone($selected_timezone);
    413. 

  413. 			$timezones[] = $selected_timezone;
    414. 

  414. 		}
    415. 

  415. 		catch (\Exception $e)
    416. 

  416. 		{
    417. 

  417. 		}
    418. 

  418. 	}
    419. 

  419. 

  420. 	return $timezones;
    421. 

  421. }
    422. 

  422. 

  423. /**
    424. 

  424. * Options to pick a timezone and date/time
    425. 

  425. *
    426. 

  426. * @param	\phpbb\template\template $template	phpBB template object
    427. 

  427. * @param	\phpbb\user	$user				Object of the current user
    428. 

  428. * @param	string		$default			A timezone to select
    429. 

  429. * @param	boolean		$truncate			Shall we truncate the options text
    430. 

  430. *
    431. 

  431. * @return		array		Returns an array containing the options for the time selector.
    432. 

  432. */
    433. 

  433. function phpbb_timezone_select($template, $user, $default = '', $truncate = false)
    434. 

  434. {
    435. 

  435. 	static $timezones;
    436. 

  436. 

  437. 	$default_offset = '';
    438. 

  438. 	if (!isset($timezones))
    439. 

  439. 	{
    440. 

  440. 		$unsorted_timezones = phpbb_get_timezone_identifiers($default);
    441. 

  441. 

  442. 		$timezones = array();
    443. 

  443. 		foreach ($unsorted_timezones as $timezone)
    444. 

  444. 		{
    445. 

  445. 			$tz = new DateTimeZone($timezone);
    446. 

  446. 			$dt = $user->create_datetime('now', $tz);
    447. 

  447. 			$offset = $dt->getOffset();
    448. 

  448. 			$current_time = $dt->format($user->lang['DATETIME_FORMAT'], true);
    449. 

  449. 			$offset_string = phpbb_format_timezone_offset($offset, true);
    450. 

  450. 			$timezones['UTC' . $offset_string . ' - ' . $timezone] = array(
    451. 

  451. 				'tz'		=> $timezone,
    452. 

  452. 				'offset'	=> $offset_string,
    453. 

  453. 				'current'	=> $current_time,
    454. 

  454. 			);
    455. 

  455. 			if ($timezone === $default)
    456. 

  456. 			{
    457. 

  457. 				$default_offset = 'UTC' . $offset_string;
    458. 

  458. 			}
    459. 

  459. 		}
    460. 

  460. 		unset($unsorted_timezones);
    461. 

  461. 

  462. 		uksort($timezones, 'phpbb_tz_select_compare');
    463. 

  463. 	}
    464. 

  464. 

  465. 	$tz_select = $opt_group = '';
    466. 

  466. 

  467. 	foreach ($timezones as $key => $timezone)
    468. 

  468. 	{
    469. 

  469. 		if ($opt_group != $timezone['offset'])
    470. 

  470. 		{
    471. 

  471. 			// Generate tz_select for backwards compatibility
    472. 

  472. 			$tz_select .= ($opt_group) ? '</optgroup>' : '';
    473. 

  473. 			$tz_select .= '<optgroup label="' . $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']) . '">';
    474. 

  474. 			$opt_group = $timezone['offset'];
    475. 

  475. 			$template->assign_block_vars('timezone_select', array(
    476. 

  476. 				'LABEL'		=> $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']),
    477. 

  477. 				'VALUE'		=> $key . ' - ' . $timezone['current'],
    478. 

  478. 			));
    479. 

  479. 

  480. 			$selected = (!empty($default_offset) && strpos($key, $default_offset) !== false) ? ' selected="selected"' : '';
    481. 

  481. 			$template->assign_block_vars('timezone_date', array(
    482. 

  482. 				'VALUE'		=> $key . ' - ' . $timezone['current'],
    483. 

  483. 				'SELECTED'	=> !empty($selected),
    484. 

  484. 				'TITLE'		=> $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $timezone['current']),
    485. 

  485. 			));
    486. 

  486. 		}
    487. 

  487. 

  488. 		$label = $timezone['tz'];
    489. 

  489. 		if (isset($user->lang['timezones'][$label]))
    490. 

  490. 		{
    491. 

  491. 			$label = $user->lang['timezones'][$label];
    492. 

  492. 		}
    493. 

  493. 		$title = $user->lang(array('timezones', 'UTC_OFFSET_CURRENT'), $timezone['offset'], $label);
    494. 

  494. 

  495. 		if ($truncate)
    496. 

  496. 		{
    497. 

  497. 			$label = truncate_string($label, 50, 255, false, '...');
    498. 

  498. 		}
    499. 

  499. 

  500. 		// Also generate timezone_select for backwards compatibility
    501. 

  501. 		$selected = ($timezone['tz'] === $default) ? ' selected="selected"' : '';
    502. 

  502. 		$tz_select .= '<option title="' . $title . '" value="' . $timezone['tz'] . '"' . $selected . '>' . $label . '</option>';
    503. 

  503. 		$template->assign_block_vars('timezone_select.timezone_options', array(
    504. 

  504. 			'TITLE'			=> $title,
    505. 

  505. 			'VALUE'			=> $timezone['tz'],
    506. 

  506. 			'SELECTED'		=> !empty($selected),
    507. 

  507. 			'LABEL'			=> $label,
    508. 

  508. 		));
    509. 

  509. 	}
    510. 

  510. 	$tz_select .= '</optgroup>';
    511. 

  511. 

  512. 	return $tz_select;
    513. 

  513. }
    514. 

  514. 

  515. // Functions handling topic/post tracking/marking
    516. 

  516. 

  517. /**
    518. 

  518. * Marks a topic/forum as read
    519. 

  519. * Marks a topic as posted to
    520. 

  520. *
    521. 

  521. * @param string $mode (all, topics, topic, post)
    522. 

  522. * @param int|bool $forum_id Used in all, topics, and topic mode
    523. 

  523. * @param int|bool $topic_id Used in topic and post mode
    524. 

  524. * @param int $post_time 0 means current time(), otherwise to set a specific mark time
    525. 

  525. * @param int $user_id can only be used with $mode == 'post'
    526. 

  526. */
    527. 

  527. function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0)
    528. 

  528. {
    529. 

  529. 	global $db, $user, $config;
    530. 

  530. 	global $request, $phpbb_container, $phpbb_dispatcher;
    531. 

  531. 

  532. 	$post_time = ($post_time === 0 || $post_time > time()) ? time() : (int) $post_time;
    533. 

  533. 

  534. 	$should_markread = true;
    535. 

  535. 

  536. 	/**
    537. 

  537. 	 * This event is used for performing actions directly before marking forums,
    538. 

  538. 	 * topics or posts as read.
    539. 

  539. 	 *
    540. 

  540. 	 * It is also possible to prevent the marking. For that, the $should_markread parameter
    541. 

  541. 	 * should be set to FALSE.
    542. 

  542. 	 *
    543. 

  543. 	 * @event core.markread_before
    544. 

  544. 	 * @var	string	mode				Variable containing marking mode value
    545. 

  545. 	 * @var	mixed	forum_id			Variable containing forum id, or false
    546. 

  546. 	 * @var	mixed	topic_id			Variable containing topic id, or false
    547. 

  547. 	 * @var	int		post_time			Variable containing post time
    548. 

  548. 	 * @var	int		user_id				Variable containing the user id
    549. 

  549. 	 * @var	bool	should_markread		Flag indicating if the markread should be done or not.
    550. 

  550. 	 * @since 3.1.4-RC1
    551. 

  551. 	 */
    552. 

  552. 	$vars = array(
    553. 

  553. 		'mode',
    554. 

  554. 		'forum_id',
    555. 

  555. 		'topic_id',
    556. 

  556. 		'post_time',
    557. 

  557. 		'user_id',
    558. 

  558. 		'should_markread',
    559. 

  559. 	);
    560. 

  560. 	extract($phpbb_dispatcher->trigger_event('core.markread_before', compact($vars)));
    561. 

  561. 

  562. 	if (!$should_markread)
    563. 

  563. 	{
    564. 

  564. 		return;
    565. 

  565. 	}
    566. 

  566. 

  567. 	if ($mode == 'all')
    568. 

  568. 	{
    569. 

  569. 		if (empty($forum_id))
    570. 

  570. 		{
    571. 

  571. 			// Mark all forums read (index page)
    572. 

  572. 			/* @var $phpbb_notifications \phpbb\notification\manager */
    573. 

  573. 			$phpbb_notifications = $phpbb_container->get('notification_manager');
    574. 

  574. 

  575. 			// Mark all topic notifications read for this user
    576. 

  576. 			$phpbb_notifications->mark_notifications(array(
    577. 

  577. 				'notification.type.topic',
    578. 

  578. 				'notification.type.quote',
    579. 

  579. 				'notification.type.bookmark',
    580. 

  580. 				'notification.type.post',
    581. 

  581. 				'notification.type.approve_topic',
    582. 

  582. 				'notification.type.approve_post',
    583. 

  583. 			), false, $user->data['user_id'], $post_time);
    584. 

  584. 

  585. 			if ($config['load_db_lastread'] && $user->data['is_registered'])
    586. 

  586. 			{
    587. 

  587. 				// Mark all forums read (index page)
    588. 

  588. 				$tables = array(TOPICS_TRACK_TABLE, FORUMS_TRACK_TABLE);
    589. 

  589. 				foreach ($tables as $table)
    590. 

  590. 				{
    591. 

  591. 					$sql = 'DELETE FROM ' . $table . "
    592. 

  592. 						WHERE user_id = {$user->data['user_id']}
    593. 

  593. 							AND mark_time < $post_time";
    594. 

  594. 					$db->sql_query($sql);
    595. 

  595. 				}
    596. 

  596. 

  597. 				$sql = 'UPDATE ' . USERS_TABLE . "
    598. 

  598. 					SET user_lastmark = $post_time
    599. 

  599. 					WHERE user_id = {$user->data['user_id']}
    600. 

  600. 						AND user_lastmark < $post_time";
    601. 

  601. 				$db->sql_query($sql);
    602. 

  602. 			}
    603. 

  603. 			else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    604. 

  604. 			{
    605. 

  605. 				$tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE);
    606. 

  606. 				$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    607. 

  607. 

  608. 				unset($tracking_topics['tf']);
    609. 

  609. 				unset($tracking_topics['t']);
    610. 

  610. 				unset($tracking_topics['f']);
    611. 

  611. 				$tracking_topics['l'] = base_convert($post_time - $config['board_startdate'], 10, 36);
    612. 

  612. 

  613. 				$user->set_cookie('track', tracking_serialize($tracking_topics), $post_time + 31536000);
    614. 

  614. 				$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking_topics), \phpbb\request\request_interface::COOKIE);
    615. 

  615. 

  616. 				unset($tracking_topics);
    617. 

  617. 

  618. 				if ($user->data['is_registered'])
    619. 

  619. 				{
    620. 

  620. 					$sql = 'UPDATE ' . USERS_TABLE . "
    621. 

  621. 						SET user_lastmark = $post_time
    622. 

  622. 						WHERE user_id = {$user->data['user_id']}
    623. 

  623. 							AND user_lastmark < $post_time";
    624. 

  624. 					$db->sql_query($sql);
    625. 

  625. 				}
    626. 

  626. 			}
    627. 

  627. 		}
    628. 

  628. 	}
    629. 

  629. 	else if ($mode == 'topics')
    630. 

  630. 	{
    631. 

  631. 		// Mark all topics in forums read
    632. 

  632. 		if (!is_array($forum_id))
    633. 

  633. 		{
    634. 

  634. 			$forum_id = array($forum_id);
    635. 

  635. 		}
    636. 

  636. 		else
    637. 

  637. 		{
    638. 

  638. 			$forum_id = array_unique($forum_id);
    639. 

  639. 		}
    640. 

  640. 

  641. 		/* @var $phpbb_notifications \phpbb\notification\manager */
    642. 

  642. 		$phpbb_notifications = $phpbb_container->get('notification_manager');
    643. 

  643. 

  644. 		$phpbb_notifications->mark_notifications_by_parent(array(
    645. 

  645. 			'notification.type.topic',
    646. 

  646. 			'notification.type.approve_topic',
    647. 

  647. 		), $forum_id, $user->data['user_id'], $post_time);
    648. 

  648. 

  649. 		// Mark all post/quote notifications read for this user in this forum
    650. 

  650. 		$topic_ids = array();
    651. 

  651. 		$sql = 'SELECT topic_id
    652. 

  652. 			FROM ' . TOPICS_TABLE . '
    653. 

  653. 			WHERE ' . $db->sql_in_set('forum_id', $forum_id);
    654. 

  654. 		$result = $db->sql_query($sql);
    655. 

  655. 		while ($row = $db->sql_fetchrow($result))
    656. 

  656. 		{
    657. 

  657. 			$topic_ids[] = $row['topic_id'];
    658. 

  658. 		}
    659. 

  659. 		$db->sql_freeresult($result);
    660. 

  660. 

  661. 		$phpbb_notifications->mark_notifications_by_parent(array(
    662. 

  662. 			'notification.type.quote',
    663. 

  663. 			'notification.type.bookmark',
    664. 

  664. 			'notification.type.post',
    665. 

  665. 			'notification.type.approve_post',
    666. 

  666. 		), $topic_ids, $user->data['user_id'], $post_time);
    667. 

  667. 

  668. 		// Add 0 to forums array to mark global announcements correctly
    669. 

  669. 		// $forum_id[] = 0;
    670. 

  670. 

  671. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    672. 

  672. 		{
    673. 

  673. 			$sql = 'DELETE FROM ' . TOPICS_TRACK_TABLE . "
    674. 

  674. 				WHERE user_id = {$user->data['user_id']}
    675. 

  675. 					AND mark_time < $post_time
    676. 

  676. 					AND " . $db->sql_in_set('forum_id', $forum_id);
    677. 

  677. 			$db->sql_query($sql);
    678. 

  678. 

  679. 			$sql = 'SELECT forum_id
    680. 

  680. 				FROM ' . FORUMS_TRACK_TABLE . "
    681. 

  681. 				WHERE user_id = {$user->data['user_id']}
    682. 

  682. 					AND " . $db->sql_in_set('forum_id', $forum_id);
    683. 

  683. 			$result = $db->sql_query($sql);
    684. 

  684. 

  685. 			$sql_update = array();
    686. 

  686. 			while ($row = $db->sql_fetchrow($result))
    687. 

  687. 			{
    688. 

  688. 				$sql_update[] = (int) $row['forum_id'];
    689. 

  689. 			}
    690. 

  690. 			$db->sql_freeresult($result);
    691. 

  691. 

  692. 			if (count($sql_update))
    693. 

  693. 			{
    694. 

  694. 				$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . "
    695. 

  695. 					SET mark_time = $post_time
    696. 

  696. 					WHERE user_id = {$user->data['user_id']}
    697. 

  697. 						AND mark_time < $post_time
    698. 

  698. 						AND " . $db->sql_in_set('forum_id', $sql_update);
    699. 

  699. 				$db->sql_query($sql);
    700. 

  700. 			}
    701. 

  701. 

  702. 			if ($sql_insert = array_diff($forum_id, $sql_update))
    703. 

  703. 			{
    704. 

  704. 				$sql_ary = array();
    705. 

  705. 				foreach ($sql_insert as $f_id)
    706. 

  706. 				{
    707. 

  707. 					$sql_ary[] = array(
    708. 

  708. 						'user_id'	=> (int) $user->data['user_id'],
    709. 

  709. 						'forum_id'	=> (int) $f_id,
    710. 

  710. 						'mark_time'	=> $post_time,
    711. 

  711. 					);
    712. 

  712. 				}
    713. 

  713. 

  714. 				$db->sql_multi_insert(FORUMS_TRACK_TABLE, $sql_ary);
    715. 

  715. 			}
    716. 

  716. 		}
    717. 

  717. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    718. 

  718. 		{
    719. 

  719. 			$tracking = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE);
    720. 

  720. 			$tracking = ($tracking) ? tracking_unserialize($tracking) : array();
    721. 

  721. 

  722. 			foreach ($forum_id as $f_id)
    723. 

  723. 			{
    724. 

  724. 				$topic_ids36 = (isset($tracking['tf'][$f_id])) ? $tracking['tf'][$f_id] : array();
    725. 

  725. 

  726. 				if (isset($tracking['tf'][$f_id]))
    727. 

  727. 				{
    728. 

  728. 					unset($tracking['tf'][$f_id]);
    729. 

  729. 				}
    730. 

  730. 

  731. 				foreach ($topic_ids36 as $topic_id36)
    732. 

  732. 				{
    733. 

  733. 					unset($tracking['t'][$topic_id36]);
    734. 

  734. 				}
    735. 

  735. 

  736. 				if (isset($tracking['f'][$f_id]))
    737. 

  737. 				{
    738. 

  738. 					unset($tracking['f'][$f_id]);
    739. 

  739. 				}
    740. 

  740. 

  741. 				$tracking['f'][$f_id] = base_convert($post_time - $config['board_startdate'], 10, 36);
    742. 

  742. 			}
    743. 

  743. 

  744. 			if (isset($tracking['tf']) && empty($tracking['tf']))
    745. 

  745. 			{
    746. 

  746. 				unset($tracking['tf']);
    747. 

  747. 			}
    748. 

  748. 

  749. 			$user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000);
    750. 

  750. 			$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), \phpbb\request\request_interface::COOKIE);
    751. 

  751. 

  752. 			unset($tracking);
    753. 

  753. 		}
    754. 

  754. 	}
    755. 

  755. 	else if ($mode == 'topic')
    756. 

  756. 	{
    757. 

  757. 		if ($topic_id === false || $forum_id === false)
    758. 

  758. 		{
    759. 

  759. 			return;
    760. 

  760. 		}
    761. 

  761. 

  762. 		/* @var $phpbb_notifications \phpbb\notification\manager */
    763. 

  763. 		$phpbb_notifications = $phpbb_container->get('notification_manager');
    764. 

  764. 

  765. 		// Mark post notifications read for this user in this topic
    766. 

  766. 		$phpbb_notifications->mark_notifications(array(
    767. 

  767. 			'notification.type.topic',
    768. 

  768. 			'notification.type.approve_topic',
    769. 

  769. 		), $topic_id, $user->data['user_id'], $post_time);
    770. 

  770. 

  771. 		$phpbb_notifications->mark_notifications_by_parent(array(
    772. 

  772. 			'notification.type.quote',
    773. 

  773. 			'notification.type.bookmark',
    774. 

  774. 			'notification.type.post',
    775. 

  775. 			'notification.type.approve_post',
    776. 

  776. 		), $topic_id, $user->data['user_id'], $post_time);
    777. 

  777. 

  778. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    779. 

  779. 		{
    780. 

  780. 			$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . "
    781. 

  781. 				SET mark_time = $post_time
    782. 

  782. 				WHERE user_id = {$user->data['user_id']}
    783. 

  783. 					AND mark_time < $post_time
    784. 

  784. 					AND topic_id = $topic_id";
    785. 

  785. 			$db->sql_query($sql);
    786. 

  786. 

  787. 			// insert row
    788. 

  788. 			if (!$db->sql_affectedrows())
    789. 

  789. 			{
    790. 

  790. 				$db->sql_return_on_error(true);
    791. 

  791. 

  792. 				$sql_ary = array(
    793. 

  793. 					'user_id'		=> (int) $user->data['user_id'],
    794. 

  794. 					'topic_id'		=> (int) $topic_id,
    795. 

  795. 					'forum_id'		=> (int) $forum_id,
    796. 

  796. 					'mark_time'		=> $post_time,
    797. 

  797. 				);
    798. 

  798. 

  799. 				$db->sql_query('INSERT INTO ' . TOPICS_TRACK_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
    800. 

  800. 

  801. 				$db->sql_return_on_error(false);
    802. 

  802. 			}
    803. 

  803. 		}
    804. 

  804. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    805. 

  805. 		{
    806. 

  806. 			$tracking = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE);
    807. 

  807. 			$tracking = ($tracking) ? tracking_unserialize($tracking) : array();
    808. 

  808. 

  809. 			$topic_id36 = base_convert($topic_id, 10, 36);
    810. 

  810. 

  811. 			if (!isset($tracking['t'][$topic_id36]))
    812. 

  812. 			{
    813. 

  813. 				$tracking['tf'][$forum_id][$topic_id36] = true;
    814. 

  814. 			}
    815. 

  815. 

  816. 			$tracking['t'][$topic_id36] = base_convert($post_time - (int) $config['board_startdate'], 10, 36);
    817. 

  817. 

  818. 			// If the cookie grows larger than 10000 characters we will remove the smallest value
    819. 

  819. 			// This can result in old topics being unread - but most of the time it should be accurate...
    820. 

  820. 			if (strlen($request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE)) > 10000)
    821. 

  821. 			{
    822. 

  822. 				//echo 'Cookie grown too large' . print_r($tracking, true);
    823. 

  823. 

  824. 				// We get the ten most minimum stored time offsets and its associated topic ids
    825. 

  825. 				$time_keys = array();
    826. 

  826. 				for ($i = 0; $i < 10 && count($tracking['t']); $i++)
    827. 

  827. 				{
    828. 

  828. 					$min_value = min($tracking['t']);
    829. 

  829. 					$m_tkey = array_search($min_value, $tracking['t']);
    830. 

  830. 					unset($tracking['t'][$m_tkey]);
    831. 

  831. 

  832. 					$time_keys[$m_tkey] = $min_value;
    833. 

  833. 				}
    834. 

  834. 

  835. 				// Now remove the topic ids from the array...
    836. 

  836. 				foreach ($tracking['tf'] as $f_id => $topic_id_ary)
    837. 

  837. 				{
    838. 

  838. 					foreach ($time_keys as $m_tkey => $min_value)
    839. 

  839. 					{
    840. 

  840. 						if (isset($topic_id_ary[$m_tkey]))
    841. 

  841. 						{
    842. 

  842. 							$tracking['f'][$f_id] = $min_value;
    843. 

  843. 							unset($tracking['tf'][$f_id][$m_tkey]);
    844. 

  844. 						}
    845. 

  845. 					}
    846. 

  846. 				}
    847. 

  847. 

  848. 				if ($user->data['is_registered'])
    849. 

  849. 				{
    850. 

  850. 					$user->data['user_lastmark'] = intval(base_convert(max($time_keys) + $config['board_startdate'], 36, 10));
    851. 

  851. 

  852. 					$sql = 'UPDATE ' . USERS_TABLE . "
    853. 

  853. 						SET user_lastmark = $post_time
    854. 

  854. 						WHERE user_id = {$user->data['user_id']}
    855. 

  855. 							AND mark_time < $post_time";
    856. 

  856. 					$db->sql_query($sql);
    857. 

  857. 				}
    858. 

  858. 				else
    859. 

  859. 				{
    860. 

  860. 					$tracking['l'] = max($time_keys);
    861. 

  861. 				}
    862. 

  862. 			}
    863. 

  863. 

  864. 			$user->set_cookie('track', tracking_serialize($tracking), $post_time + 31536000);
    865. 

  865. 			$request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), \phpbb\request\request_interface::COOKIE);
    866. 

  866. 		}
    867. 

  867. 	}
    868. 

  868. 	else if ($mode == 'post')
    869. 

  869. 	{
    870. 

  870. 		if ($topic_id === false)
    871. 

  871. 		{
    872. 

  872. 			return;
    873. 

  873. 		}
    874. 

  874. 

  875. 		$use_user_id = (!$user_id) ? $user->data['user_id'] : $user_id;
    876. 

  876. 

  877. 		if ($config['load_db_track'] && $use_user_id != ANONYMOUS)
    878. 

  878. 		{
    879. 

  879. 			$db->sql_return_on_error(true);
    880. 

  880. 

  881. 			$sql_ary = array(
    882. 

  882. 				'user_id'		=> (int) $use_user_id,
    883. 

  883. 				'topic_id'		=> (int) $topic_id,
    884. 

  884. 				'topic_posted'	=> 1,
    885. 

  885. 			);
    886. 

  886. 

  887. 			$db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
    888. 

  888. 

  889. 			$db->sql_return_on_error(false);
    890. 

  890. 		}
    891. 

  891. 	}
    892. 

  892. 

  893. 	/**
    894. 

  894. 	 * This event is used for performing actions directly after forums,
    895. 

  895. 	 * topics or posts have been marked as read.
    896. 

  896. 	 *
    897. 

  897. 	 * @event core.markread_after
    898. 

  898. 	 * @var	string		mode				Variable containing marking mode value
    899. 

  899. 	 * @var	mixed		forum_id			Variable containing forum id, or false
    900. 

  900. 	 * @var	mixed		topic_id			Variable containing topic id, or false
    901. 

  901. 	 * @var	int			post_time			Variable containing post time
    902. 

  902. 	 * @var	int			user_id				Variable containing the user id
    903. 

  903. 	 * @since 3.2.6-RC1
    904. 

  904. 	 */
    905. 

  905. 	$vars = array(
    906. 

  906. 		'mode',
    907. 

  907. 		'forum_id',
    908. 

  908. 		'topic_id',
    909. 

  909. 		'post_time',
    910. 

  910. 		'user_id',
    911. 

  911. 	);
    912. 

  912. 	extract($phpbb_dispatcher->trigger_event('core.markread_after', compact($vars)));
    913. 

  913. }
    914. 

  914. 

  915. /**
    916. 

  916. * Get topic tracking info by using already fetched info
    917. 

  917. */
    918. 

  918. function get_topic_tracking($forum_id, $topic_ids, &$rowset, $forum_mark_time, $global_announce_list = false)
    919. 

  919. {
    920. 

  920. 	global $user;
    921. 

  921. 

  922. 	$last_read = array();
    923. 

  923. 

  924. 	if (!is_array($topic_ids))
    925. 

  925. 	{
    926. 

  926. 		$topic_ids = array($topic_ids);
    927. 

  927. 	}
    928. 

  928. 

  929. 	foreach ($topic_ids as $topic_id)
    930. 

  930. 	{
    931. 

  931. 		if (!empty($rowset[$topic_id]['mark_time']))
    932. 

  932. 		{
    933. 

  933. 			$last_read[$topic_id] = $rowset[$topic_id]['mark_time'];
    934. 

  934. 		}
    935. 

  935. 	}
    936. 

  936. 

  937. 	$topic_ids = array_diff($topic_ids, array_keys($last_read));
    938. 

  938. 

  939. 	if (count($topic_ids))
    940. 

  940. 	{
    941. 

  941. 		$mark_time = array();
    942. 

  942. 

  943. 		if (!empty($forum_mark_time[$forum_id]) && $forum_mark_time[$forum_id] !== false)
    944. 

  944. 		{
    945. 

  945. 			$mark_time[$forum_id] = $forum_mark_time[$forum_id];
    946. 

  946. 		}
    947. 

  947. 

  948. 		$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
    949. 

  949. 

  950. 		foreach ($topic_ids as $topic_id)
    951. 

  951. 		{
    952. 

  952. 			$last_read[$topic_id] = $user_lastmark;
    953. 

  953. 		}
    954. 

  954. 	}
    955. 

  955. 

  956. 	return $last_read;
    957. 

  957. }
    958. 

  958. 

  959. /**
    960. 

  960. * Get topic tracking info from db (for cookie based tracking only this function is used)
    961. 

  961. */
    962. 

  962. function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_list = false)
    963. 

  963. {
    964. 

  964. 	global $config, $user, $request;
    965. 

  965. 

  966. 	$last_read = array();
    967. 

  967. 

  968. 	if (!is_array($topic_ids))
    969. 

  969. 	{
    970. 

  970. 		$topic_ids = array($topic_ids);
    971. 

  971. 	}
    972. 

  972. 

  973. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    974. 

  974. 	{
    975. 

  975. 		global $db;
    976. 

  976. 

  977. 		$sql = 'SELECT topic_id, mark_time
    978. 

  978. 			FROM ' . TOPICS_TRACK_TABLE . "
    979. 

  979. 			WHERE user_id = {$user->data['user_id']}
    980. 

  980. 				AND " . $db->sql_in_set('topic_id', $topic_ids);
    981. 

  981. 		$result = $db->sql_query($sql);
    982. 

  982. 

  983. 		while ($row = $db->sql_fetchrow($result))
    984. 

  984. 		{
    985. 

  985. 			$last_read[$row['topic_id']] = $row['mark_time'];
    986. 

  986. 		}
    987. 

  987. 		$db->sql_freeresult($result);
    988. 

  988. 

  989. 		$topic_ids = array_diff($topic_ids, array_keys($last_read));
    990. 

  990. 

  991. 		if (count($topic_ids))
    992. 

  992. 		{
    993. 

  993. 			$sql = 'SELECT forum_id, mark_time
    994. 

  994. 				FROM ' . FORUMS_TRACK_TABLE . "
    995. 

  995. 				WHERE user_id = {$user->data['user_id']}
    996. 

  996. 					AND forum_id = $forum_id";
    997. 

  997. 			$result = $db->sql_query($sql);
    998. 

  998. 

  999. 			$mark_time = array();
    1000. 

  1000. 			while ($row = $db->sql_fetchrow($result))
    1001. 

  1001. 			{
    1002. 

  1002. 				$mark_time[$row['forum_id']] = $row['mark_time'];
    1003. 

  1003. 			}
    1004. 

  1004. 			$db->sql_freeresult($result);
    1005. 

  1005. 

  1006. 			$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user->data['user_lastmark'];
    1007. 

  1007. 

  1008. 			foreach ($topic_ids as $topic_id)
    1009. 

  1009. 			{
    1010. 

  1010. 				$last_read[$topic_id] = $user_lastmark;
    1011. 

  1011. 			}
    1012. 

  1012. 		}
    1013. 

  1013. 	}
    1014. 

  1014. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1015. 

  1015. 	{
    1016. 

  1016. 		global $tracking_topics;
    1017. 

  1017. 

  1018. 		if (!isset($tracking_topics) || !count($tracking_topics))
    1019. 

  1019. 		{
    1020. 

  1020. 			$tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE);
    1021. 

  1021. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1022. 

  1022. 		}
    1023. 

  1023. 

  1024. 		if (!$user->data['is_registered'])
    1025. 

  1025. 		{
    1026. 

  1026. 			$user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
    1027. 

  1027. 		}
    1028. 

  1028. 		else
    1029. 

  1029. 		{
    1030. 

  1030. 			$user_lastmark = $user->data['user_lastmark'];
    1031. 

  1031. 		}
    1032. 

  1032. 

  1033. 		foreach ($topic_ids as $topic_id)
    1034. 

  1034. 		{
    1035. 

  1035. 			$topic_id36 = base_convert($topic_id, 10, 36);
    1036. 

  1036. 

  1037. 			if (isset($tracking_topics['t'][$topic_id36]))
    1038. 

  1038. 			{
    1039. 

  1039. 				$last_read[$topic_id] = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
    1040. 

  1040. 			}
    1041. 

  1041. 		}
    1042. 

  1042. 

  1043. 		$topic_ids = array_diff($topic_ids, array_keys($last_read));
    1044. 

  1044. 

  1045. 		if (count($topic_ids))
    1046. 

  1046. 		{
    1047. 

  1047. 			$mark_time = array();
    1048. 

  1048. 

  1049. 			if (isset($tracking_topics['f'][$forum_id]))
    1050. 

  1050. 			{
    1051. 

  1051. 				$mark_time[$forum_id] = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
    1052. 

  1052. 			}
    1053. 

  1053. 

  1054. 			$user_lastmark = (isset($mark_time[$forum_id])) ? $mark_time[$forum_id] : $user_lastmark;
    1055. 

  1055. 

  1056. 			foreach ($topic_ids as $topic_id)
    1057. 

  1057. 			{
    1058. 

  1058. 				$last_read[$topic_id] = $user_lastmark;
    1059. 

  1059. 			}
    1060. 

  1060. 		}
    1061. 

  1061. 	}
    1062. 

  1062. 

  1063. 	return $last_read;
    1064. 

  1064. }
    1065. 

  1065. 

  1066. /**
    1067. 

  1067. * Get list of unread topics
    1068. 

  1068. *
    1069. 

  1069. * @param int $user_id			User ID (or false for current user)
    1070. 

  1070. * @param string $sql_extra		Extra WHERE SQL statement
    1071. 

  1071. * @param string $sql_sort		ORDER BY SQL sorting statement
    1072. 

  1072. * @param string $sql_limit		Limits the size of unread topics list, 0 for unlimited query
    1073. 

  1073. * @param string $sql_limit_offset  Sets the offset of the first row to search, 0 to search from the start
    1074. 

  1074. *
    1075. 

  1075. * @return array[int][int]		Topic ids as keys, mark_time of topic as value
    1076. 

  1076. */
    1077. 

  1077. function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0)
    1078. 

  1078. {
    1079. 

  1079. 	global $config, $db, $user, $request;
    1080. 

  1080. 	global $phpbb_dispatcher;
    1081. 

  1081. 

  1082. 	$user_id = ($user_id === false) ? (int) $user->data['user_id'] : (int) $user_id;
    1083. 

  1083. 

  1084. 	// Data array we're going to return
    1085. 

  1085. 	$unread_topics = array();
    1086. 

  1086. 

  1087. 	if (empty($sql_sort))
    1088. 

  1088. 	{
    1089. 

  1089. 		$sql_sort = 'ORDER BY t.topic_last_post_time DESC, t.topic_last_post_id DESC';
    1090. 

  1090. 	}
    1091. 

  1091. 

  1092. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    1093. 

  1093. 	{
    1094. 

  1094. 		// Get list of the unread topics
    1095. 

  1095. 		$last_mark = (int) $user->data['user_lastmark'];
    1096. 

  1096. 

  1097. 		$sql_array = array(
    1098. 

  1098. 			'SELECT'		=> 't.topic_id, t.topic_last_post_time, tt.mark_time as topic_mark_time, ft.mark_time as forum_mark_time',
    1099. 

  1099. 

  1100. 			'FROM'			=> array(TOPICS_TABLE => 't'),
    1101. 

  1101. 

  1102. 			'LEFT_JOIN'		=> array(
    1103. 

  1103. 				array(
    1104. 

  1104. 					'FROM'	=> array(TOPICS_TRACK_TABLE => 'tt'),
    1105. 

  1105. 					'ON'	=> "tt.user_id = $user_id AND t.topic_id = tt.topic_id",
    1106. 

  1106. 				),
    1107. 

  1107. 				array(
    1108. 

  1108. 					'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
    1109. 

  1109. 					'ON'	=> "ft.user_id = $user_id AND t.forum_id = ft.forum_id",
    1110. 

  1110. 				),
    1111. 

  1111. 			),
    1112. 

  1112. 

  1113. 			'WHERE'			=> "
    1114. 

  1114. 				 t.topic_last_post_time > $last_mark AND
    1115. 

  1115. 				(
    1116. 

  1116. 				(tt.mark_time IS NOT NULL AND t.topic_last_post_time > tt.mark_time) OR
    1117. 

  1117. 				(tt.mark_time IS NULL AND ft.mark_time IS NOT NULL AND t.topic_last_post_time > ft.mark_time) OR
    1118. 

  1118. 				(tt.mark_time IS NULL AND ft.mark_time IS NULL)
    1119. 

  1119. 				)
    1120. 

  1120. 				$sql_extra
    1121. 

  1121. 				$sql_sort",
    1122. 

  1122. 		);
    1123. 

  1123. 

  1124. 		/**
    1125. 

  1125. 		 * Change SQL query for fetching unread topics data
    1126. 

  1126. 		 *
    1127. 

  1127. 		 * @event core.get_unread_topics_modify_sql
    1128. 

  1128. 		 * @var array     sql_array    Fully assembled SQL query with keys SELECT, FROM, LEFT_JOIN, WHERE
    1129. 

  1129. 		 * @var int       last_mark    User's last_mark time
    1130. 

  1130. 		 * @var string    sql_extra    Extra WHERE SQL statement
    1131. 

  1131. 		 * @var string    sql_sort     ORDER BY SQL sorting statement
    1132. 

  1132. 		 * @since 3.1.4-RC1
    1133. 

  1133. 		 */
    1134. 

  1134. 		$vars = array(
    1135. 

  1135. 			'sql_array',
    1136. 

  1136. 			'last_mark',
    1137. 

  1137. 			'sql_extra',
    1138. 

  1138. 			'sql_sort',
    1139. 

  1139. 		);
    1140. 

  1140. 		extract($phpbb_dispatcher->trigger_event('core.get_unread_topics_modify_sql', compact($vars)));
    1141. 

  1141. 

  1142. 		$sql = $db->sql_build_query('SELECT', $sql_array);
    1143. 

  1143. 		$result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
    1144. 

  1144. 

  1145. 		while ($row = $db->sql_fetchrow($result))
    1146. 

  1146. 		{
    1147. 

  1147. 			$topic_id = (int) $row['topic_id'];
    1148. 

  1148. 			$unread_topics[$topic_id] = ($row['topic_mark_time']) ? (int) $row['topic_mark_time'] : (($row['forum_mark_time']) ? (int) $row['forum_mark_time'] : $last_mark);
    1149. 

  1149. 		}
    1150. 

  1150. 		$db->sql_freeresult($result);
    1151. 

  1151. 	}
    1152. 

  1152. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1153. 

  1153. 	{
    1154. 

  1154. 		global $tracking_topics;
    1155. 

  1155. 

  1156. 		if (empty($tracking_topics))
    1157. 

  1157. 		{
    1158. 

  1158. 			$tracking_topics = $request->variable($config['cookie_name'] . '_track', '', false, \phpbb\request\request_interface::COOKIE);
    1159. 

  1159. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1160. 

  1160. 		}
    1161. 

  1161. 

  1162. 		if (!$user->data['is_registered'])
    1163. 

  1163. 		{
    1164. 

  1164. 			$user_lastmark = (isset($tracking_topics['l'])) ? base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate'] : 0;
    1165. 

  1165. 		}
    1166. 

  1166. 		else
    1167. 

  1167. 		{
    1168. 

  1168. 			$user_lastmark = (int) $user->data['user_lastmark'];
    1169. 

  1169. 		}
    1170. 

  1170. 

  1171. 		$sql = 'SELECT t.topic_id, t.forum_id, t.topic_last_post_time
    1172. 

  1172. 			FROM ' . TOPICS_TABLE . ' t
    1173. 

  1173. 			WHERE t.topic_last_post_time > ' . $user_lastmark . "
    1174. 

  1174. 			$sql_extra
    1175. 

  1175. 			$sql_sort";
    1176. 

  1176. 		$result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset);
    1177. 

  1177. 

  1178. 		while ($row = $db->sql_fetchrow($result))
    1179. 

  1179. 		{
    1180. 

  1180. 			$forum_id = (int) $row['forum_id'];
    1181. 

  1181. 			$topic_id = (int) $row['topic_id'];
    1182. 

  1182. 			$topic_id36 = base_convert($topic_id, 10, 36);
    1183. 

  1183. 

  1184. 			if (isset($tracking_topics['t'][$topic_id36]))
    1185. 

  1185. 			{
    1186. 

  1186. 				$last_read = base_convert($tracking_topics['t'][$topic_id36], 36, 10) + $config['board_startdate'];
    1187. 

  1187. 

  1188. 				if ($row['topic_last_post_time'] > $last_read)
    1189. 

  1189. 				{
    1190. 

  1190. 					$unread_topics[$topic_id] = $last_read;
    1191. 

  1191. 				}
    1192. 

  1192. 			}
    1193. 

  1193. 			else if (isset($tracking_topics['f'][$forum_id]))
    1194. 

  1194. 			{
    1195. 

  1195. 				$mark_time = base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate'];
    1196. 

  1196. 

  1197. 				if ($row['topic_last_post_time'] > $mark_time)
    1198. 

  1198. 				{
    1199. 

  1199. 					$unread_topics[$topic_id] = $mark_time;
    1200. 

  1200. 				}
    1201. 

  1201. 			}
    1202. 

  1202. 			else
    1203. 

  1203. 			{
    1204. 

  1204. 				$unread_topics[$topic_id] = $user_lastmark;
    1205. 

  1205. 			}
    1206. 

  1206. 		}
    1207. 

  1207. 		$db->sql_freeresult($result);
    1208. 

  1208. 	}
    1209. 

  1209. 

  1210. 	return $unread_topics;
    1211. 

  1211. }
    1212. 

  1212. 

  1213. /**
    1214. 

  1214. * Check for read forums and update topic tracking info accordingly
    1215. 

  1215. *
    1216. 

  1216. * @param int $forum_id the forum id to check
    1217. 

  1217. * @param int $forum_last_post_time the forums last post time
    1218. 

  1218. * @param int $f_mark_time the forums last mark time if user is registered and load_db_lastread enabled
    1219. 

  1219. * @param int $mark_time_forum false if the mark time needs to be obtained, else the last users forum mark time
    1220. 

  1220. *
    1221. 

  1221. * @return true if complete forum got marked read, else false.
    1222. 

  1222. */
    1223. 

  1223. function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_time = false, $mark_time_forum = false)
    1224. 

  1224. {
    1225. 

  1225. 	global $db, $tracking_topics, $user, $config, $request, $phpbb_container;
    1226. 

  1226. 

  1227. 	// Determine the users last forum mark time if not given.
    1228. 

  1228. 	if ($mark_time_forum === false)
    1229. 

  1229. 	{
    1230. 

  1230. 		if ($config['load_db_lastread'] && $user->data['is_registered'])
    1231. 

  1231. 		{
    1232. 

  1232. 			$mark_time_forum = (!empty($f_mark_time)) ? $f_mark_time : $user->data['user_lastmark'];
    1233. 

  1233. 		}
    1234. 

  1234. 		else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1235. 

  1235. 		{
    1236. 

  1236. 			$tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE);
    1237. 

  1237. 			$tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array();
    1238. 

  1238. 

  1239. 			if (!$user->data['is_registered'])
    1240. 

  1240. 			{
    1241. 

  1241. 				$user->data['user_lastmark'] = (isset($tracking_topics['l'])) ? (int) (base_convert($tracking_topics['l'], 36, 10) + $config['board_startdate']) : 0;
    1242. 

  1242. 			}
    1243. 

  1243. 

  1244. 			$mark_time_forum = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark'];
    1245. 

  1245. 		}
    1246. 

  1246. 	}
    1247. 

  1247. 

  1248. 	// Handle update of unapproved topics info.
    1249. 

  1249. 	// Only update for moderators having m_approve permission for the forum.
    1250. 

  1250. 	/* @var $phpbb_content_visibility \phpbb\content_visibility */
    1251. 

  1251. 	$phpbb_content_visibility = $phpbb_container->get('content.visibility');
    1252. 

  1252. 

  1253. 	// Check the forum for any left unread topics.
    1254. 

  1254. 	// If there are none, we mark the forum as read.
    1255. 

  1255. 	if ($config['load_db_lastread'] && $user->data['is_registered'])
    1256. 

  1256. 	{
    1257. 

  1257. 		if ($mark_time_forum >= $forum_last_post_time)
    1258. 

  1258. 		{
    1259. 

  1259. 			// We do not need to mark read, this happened before. Therefore setting this to true
    1260. 

  1260. 			$row = true;
    1261. 

  1261. 		}
    1262. 

  1262. 		else
    1263. 

  1263. 		{
    1264. 

  1264. 			$sql = 'SELECT t.forum_id
    1265. 

  1265. 				FROM ' . TOPICS_TABLE . ' t
    1266. 

  1266. 				LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt
    1267. 

  1267. 					ON (tt.topic_id = t.topic_id
    1268. 

  1268. 						AND tt.user_id = ' . $user->data['user_id'] . ')
    1269. 

  1269. 				WHERE t.forum_id = ' . $forum_id . '
    1270. 

  1270. 					AND t.topic_last_post_time > ' . $mark_time_forum . '
    1271. 

  1271. 					AND t.topic_moved_id = 0
    1272. 

  1272. 					AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.') . '
    1273. 

  1273. 					AND (tt.topic_id IS NULL
    1274. 

  1274. 						OR tt.mark_time < t.topic_last_post_time)';
    1275. 

  1275. 			$result = $db->sql_query_limit($sql, 1);
    1276. 

  1276. 			$row = $db->sql_fetchrow($result);
    1277. 

  1277. 			$db->sql_freeresult($result);
    1278. 

  1278. 		}
    1279. 

  1279. 	}
    1280. 

  1280. 	else if ($config['load_anon_lastread'] || $user->data['is_registered'])
    1281. 

  1281. 	{
    1282. 

  1282. 		// Get information from cookie
    1283. 

  1283. 		if (!isset($tracking_topics['tf'][$forum_id]))
    1284. 

  1284. 		{
    1285. 

  1285. 			// We do not need to mark read, this happened before. Therefore setting this to true
    1286. 

  1286. 			$row = true;
    1287. 

  1287. 		}
    1288. 

  1288. 		else
    1289. 

  1289. 		{
    1290. 

  1290. 			$sql = 'SELECT t.topic_id
    1291. 

  1291. 				FROM ' . TOPICS_TABLE . ' t
    1292. 

  1292. 				WHERE t.forum_id = ' . $forum_id . '
    1293. 

  1293. 					AND t.topic_last_post_time > ' . $mark_time_forum . '
    1294. 

  1294. 					AND t.topic_moved_id = 0
    1295. 

  1295. 					AND ' . $phpbb_content_visibility->get_visibility_sql('topic', $forum_id, 't.');
    1296. 

  1296. 			$result = $db->sql_query($sql);
    1297. 

  1297. 

  1298. 			$check_forum = $tracking_topics['tf'][$forum_id];
    1299. 

  1299. 			$unread = false;
    1300. 

  1300. 

  1301. 			while ($row = $db->sql_fetchrow($result))
    1302. 

  1302. 			{
    1303. 

  1303. 				if (!isset($check_forum[base_convert($row['topic_id'], 10, 36)]))
    1304. 

  1304. 				{
    1305. 

  1305. 					$unread = true;
    1306. 

  1306. 					break;
    1307. 

  1307. 				}
    1308. 

  1308. 			}
    1309. 

  1309. 			$db->sql_freeresult($result);
    1310. 

  1310. 

  1311. 			$row = $unread;
    1312. 

  1312. 		}
    1313. 

  1313. 	}
    1314. 

  1314. 	else
    1315. 

  1315. 	{
    1316. 

  1316. 		$row = true;
    1317. 

  1317. 	}
    1318. 

  1318. 

  1319. 	if (!$row)
    1320. 

  1320. 	{
    1321. 

  1321. 		markread('topics', $forum_id);
    1322. 

  1322. 		return true;
    1323. 

  1323. 	}
    1324. 

  1324. 

  1325. 	return false;
    1326. 

  1326. }
    1327. 

  1327. 

  1328. /**
    1329. 

  1329. * Transform an array into a serialized format
    1330. 

  1330. */
    1331. 

  1331. function tracking_serialize($input)
    1332. 

  1332. {
    1333. 

  1333. 	$out = '';
    1334. 

  1334. 	foreach ($input as $key => $value)
    1335. 

  1335. 	{
    1336. 

  1336. 		if (is_array($value))
    1337. 

  1337. 		{
    1338. 

  1338. 			$out .= $key . ':(' . tracking_serialize($value) . ');';
    1339. 

  1339. 		}
    1340. 

  1340. 		else
    1341. 

  1341. 		{
    1342. 

  1342. 			$out .= $key . ':' . $value . ';';
    1343. 

  1343. 		}
    1344. 

  1344. 	}
    1345. 

  1345. 	return $out;
    1346. 

  1346. }
    1347. 

  1347. 

  1348. /**
    1349. 

  1349. * Transform a serialized array into an actual array
    1350. 

  1350. */
    1351. 

  1351. function tracking_unserialize($string, $max_depth = 3)
    1352. 

  1352. {
    1353. 

  1353. 	$n = strlen($string);
    1354. 

  1354. 	if ($n > 10010)
    1355. 

  1355. 	{
    1356. 

  1356. 		die('Invalid data supplied');
    1357. 

  1357. 	}
    1358. 

  1358. 	$data = $stack = array();
    1359. 

  1359. 	$key = '';
    1360. 

  1360. 	$mode = 0;
    1361. 

  1361. 	$level = &$data;
    1362. 

  1362. 	for ($i = 0; $i < $n; ++$i)
    1363. 

  1363. 	{
    1364. 

  1364. 		switch ($mode)
    1365. 

  1365. 		{
    1366. 

  1366. 			case 0:
    1367. 

  1367. 				switch ($string[$i])
    1368. 

  1368. 				{
    1369. 

  1369. 					case ':':
    1370. 

  1370. 						$level[$key] = 0;
    1371. 

  1371. 						$mode = 1;
    1372. 

  1372. 					break;
    1373. 

  1373. 					case ')':
    1374. 

  1374. 						unset($level);
    1375. 

  1375. 						$level = array_pop($stack);
    1376. 

  1376. 						$mode = 3;
    1377. 

  1377. 					break;
    1378. 

  1378. 					default:
    1379. 

  1379. 						$key .= $string[$i];
    1380. 

  1380. 				}
    1381. 

  1381. 			break;
    1382. 

  1382. 

  1383. 			case 1:
    1384. 

  1384. 				switch ($string[$i])
    1385. 

  1385. 				{
    1386. 

  1386. 					case '(':
    1387. 

  1387. 						if (count($stack) >= $max_depth)
    1388. 

  1388. 						{
    1389. 

  1389. 							die('Invalid data supplied');
    1390. 

  1390. 						}
    1391. 

  1391. 						$stack[] = &$level;
    1392. 

  1392. 						$level[$key] = array();
    1393. 

  1393. 						$level = &$level[$key];
    1394. 

  1394. 						$key = '';
    1395. 

  1395. 						$mode = 0;
    1396. 

  1396. 					break;
    1397. 

  1397. 					default:
    1398. 

  1398. 						$level[$key] = $string[$i];
    1399. 

  1399. 						$mode = 2;
    1400. 

  1400. 					break;
    1401. 

  1401. 				}
    1402. 

  1402. 			break;
    1403. 

  1403. 

  1404. 			case 2:
    1405. 

  1405. 				switch ($string[$i])
    1406. 

  1406. 				{
    1407. 

  1407. 					case ')':
    1408. 

  1408. 						unset($level);
    1409. 

  1409. 						$level = array_pop($stack);
    1410. 

  1410. 						$mode = 3;
    1411. 

  1411. 					break;
    1412. 

  1412. 					case ';':
    1413. 

  1413. 						$key = '';
    1414. 

  1414. 						$mode = 0;
    1415. 

  1415. 					break;
    1416. 

  1416. 					default:
    1417. 

  1417. 						$level[$key] .= $string[$i];
    1418. 

  1418. 					break;
    1419. 

  1419. 				}
    1420. 

  1420. 			break;
    1421. 

  1421. 

  1422. 			case 3:
    1423. 

  1423. 				switch ($string[$i])
    1424. 

  1424. 				{
    1425. 

  1425. 					case ')':
    1426. 

  1426. 						unset($level);
    1427. 

  1427. 						$level = array_pop($stack);
    1428. 

  1428. 					break;
    1429. 

  1429. 					case ';':
    1430. 

  1430. 						$key = '';
    1431. 

  1431. 						$mode = 0;
    1432. 

  1432. 					break;
    1433. 

  1433. 					default:
    1434. 

  1434. 						die('Invalid data supplied');
    1435. 

  1435. 					break;
    1436. 

  1436. 				}
    1437. 

  1437. 			break;
    1438. 

  1438. 		}
    1439. 

  1439. 	}
    1440. 

  1440. 

  1441. 	if (count($stack) != 0 || ($mode != 0 && $mode != 3))
    1442. 

  1442. 	{
    1443. 

  1443. 		die('Invalid data supplied');
    1444. 

  1444. 	}
    1445. 

  1445. 

  1446. 	return $level;
    1447. 

  1447. }
    1448. 

  1448. 

  1449. // Server functions (building urls, redirecting...)
    1450. 

  1450. 

  1451. /**
    1452. 

  1452. * Append session id to url.
    1453. 

  1453. *
    1454. 

  1454. * @param string $url The url the session id needs to be appended to (can have params)
    1455. 

  1455. * @param mixed $params String or array of additional url parameters
    1456. 

  1456. * @param bool $is_amp Is url using &amp; (true) or & (false)
    1457. 

  1457. * @param string $session_id Possibility to use a custom session id instead of the global one
    1458. 

  1458. * @param bool $is_route Is url generated by a route.
    1459. 

  1459. *
    1460. 

  1460. * @return string The corrected url.
    1461. 

  1461. *
    1462. 

  1462. * Examples:
    1463. 

  1463. * <code>
    1464. 

  1464. * append_sid("{$phpbb_root_path}viewtopic.$phpEx?t=1&amp;f=2");
    1465. 

  1465. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&amp;f=2');
    1466. 

  1466. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", 't=1&f=2', false);
    1467. 

  1467. * append_sid("{$phpbb_root_path}viewtopic.$phpEx", array('t' => 1, 'f' => 2));
    1468. 

  1468. * </code>
    1469. 

  1469. *
    1470. 

  1470. */
    1471. 

  1471. function append_sid($url, $params = false, $is_amp = true, $session_id = false, $is_route = false)
    1472. 

  1472. {
    1473. 

  1473. 	global $_SID, $_EXTRA_URL, $phpbb_path_helper;
    1474. 

  1474. 	global $phpbb_dispatcher;
    1475. 

  1475. 

  1476. 	if ($params === '' || (is_array($params) && empty($params)))
    1477. 

  1477. 	{
    1478. 

  1478. 		// Do not append the ? if the param-list is empty anyway.
    1479. 

  1479. 		$params = false;
    1480. 

  1480. 	}
    1481. 

  1481. 

  1482. 	// Update the root path with the correct relative web path
    1483. 

  1483. 	if (!$is_route && $phpbb_path_helper instanceof \phpbb\path_helper)
    1484. 

  1484. 	{
    1485. 

  1485. 		$url = $phpbb_path_helper->update_web_root_path($url);
    1486. 

  1486. 	}
    1487. 

  1487. 

  1488. 	$append_sid_overwrite = false;
    1489. 

  1489. 

  1490. 	/**
    1491. 

  1491. 	* This event can either supplement or override the append_sid() function
    1492. 

  1492. 	*
    1493. 

  1493. 	* To override this function, the event must set $append_sid_overwrite to
    1494. 

  1494. 	* the new URL value, which will be returned following the event
    1495. 

  1495. 	*
    1496. 

  1496. 	* @event core.append_sid
    1497. 

  1497. 	* @var	string		url						The url the session id needs
    1498. 

  1498. 	*											to be appended to (can have
    1499. 

  1499. 	*											params)
    1500. 

  1500. 	* @var	mixed		params					String or array of additional
    1501. 

  1501. 	*											url parameters
    1502. 

  1502. 	* @var	bool		is_amp					Is url using &amp; (true) or
    1503. 

  1503. 	*											& (false)
    1504. 

  1504. 	* @var	bool|string	session_id				Possibility to use a custom
    1505. 

  1505. 	*											session id (string) instead of
    1506. 

  1506. 	*											the global one (false)
    1507. 

  1507. 	* @var	bool|string	append_sid_overwrite	Overwrite function (string
    1508. 

  1508. 	*											URL) or not (false)
    1509. 

  1509. 	* @var	bool	is_route					Is url generated by a route.
    1510. 

  1510. 	* @since 3.1.0-a1
    1511. 

  1511. 	*/
    1512. 

  1512. 	$vars = array('url', 'params', 'is_amp', 'session_id', 'append_sid_overwrite', 'is_route');
    1513. 

  1513. 	extract($phpbb_dispatcher->trigger_event('core.append_sid', compact($vars)));
    1514. 

  1514. 

  1515. 	if ($append_sid_overwrite)
    1516. 

  1516. 	{
    1517. 

  1517. 		return $append_sid_overwrite;
    1518. 

  1518. 	}
    1519. 

  1519. 

  1520. 	$params_is_array = is_array($params);
    1521. 

  1521. 

  1522. 	// Get anchor
    1523. 

  1523. 	$anchor = '';
    1524. 

  1524. 	if (strpos($url, '#') !== false)
    1525. 

  1525. 	{
    1526. 

  1526. 		list($url, $anchor) = explode('#', $url, 2);
    1527. 

  1527. 		$anchor = '#' . $anchor;
    1528. 

  1528. 	}
    1529. 

  1529. 	else if (!$params_is_array && strpos($params, '#') !== false)
    1530. 

  1530. 	{
    1531. 

  1531. 		list($params, $anchor) = explode('#', $params, 2);
    1532. 

  1532. 		$anchor = '#' . $anchor;
    1533. 

  1533. 	}
    1534. 

  1534. 

  1535. 	// Handle really simple cases quickly
    1536. 

  1536. 	if ($_SID == '' && $session_id === false && empty($_EXTRA_URL) && !$params_is_array && !$anchor)
    1537. 

  1537. 	{
    1538. 

  1538. 		if ($params === false)
    1539. 

  1539. 		{
    1540. 

  1540. 			return $url;
    1541. 

  1541. 		}
    1542. 

  1542. 

  1543. 		$url_delim = (strpos($url, '?') === false) ? '?' : (($is_amp) ? '&amp;' : '&');
    1544. 

  1544. 		return $url . ($params !== false ? $url_delim. $params : '');
    1545. 

  1545. 	}
    1546. 

  1546. 

  1547. 	// Assign sid if session id is not specified
    1548. 

  1548. 	if ($session_id === false)
    1549. 

  1549. 	{
    1550. 

  1550. 		$session_id = $_SID;
    1551. 

  1551. 	}
    1552. 

  1552. 

  1553. 	$amp_delim = ($is_amp) ? '&amp;' : '&';
    1554. 

  1554. 	$url_delim = (strpos($url, '?') === false) ? '?' : $amp_delim;
    1555. 

  1555. 

  1556. 	// Appending custom url parameter?
    1557. 

  1557. 	$append_url = (!empty($_EXTRA_URL)) ? implode($amp_delim, $_EXTRA_URL) : '';
    1558. 

  1558. 

  1559. 	// Use the short variant if possible ;)
    1560. 

  1560. 	if ($params === false)
    1561. 

  1561. 	{
    1562. 

  1562. 		// Append session id
    1563. 

  1563. 		if (!$session_id)
    1564. 

  1564. 		{
    1565. 

  1565. 			return $url . (($append_url) ? $url_delim . $append_url : '') . $anchor;
    1566. 

  1566. 		}
    1567. 

  1567. 		else
    1568. 

  1568. 		{
    1569. 

  1569. 			return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . 'sid=' . $session_id . $anchor;
    1570. 

  1570. 		}
    1571. 

  1571. 	}
    1572. 

  1572. 

  1573. 	// Build string if parameters are specified as array
    1574. 

  1574. 	if (is_array($params))
    1575. 

  1575. 	{
    1576. 

  1576. 		$output = array();
    1577. 

  1577. 

  1578. 		foreach ($params as $key => $item)
    1579. 

  1579. 		{
    1580. 

  1580. 			if ($item === NULL)
    1581. 

  1581. 			{
    1582. 

  1582. 				continue;
    1583. 

  1583. 			}
    1584. 

  1584. 

  1585. 			if ($key == '#')
    1586. 

  1586. 			{
    1587. 

  1587. 				$anchor = '#' . $item;
    1588. 

  1588. 				continue;
    1589. 

  1589. 			}
    1590. 

  1590. 

  1591. 			$output[] = $key . '=' . $item;
    1592. 

  1592. 		}
    1593. 

  1593. 

  1594. 		$params = implode($amp_delim, $output);
    1595. 

  1595. 	}
    1596. 

  1596. 

  1597. 	// Append session id and parameters (even if they are empty)
    1598. 

  1598. 	// If parameters are empty, the developer can still append his/her parameters without caring about the delimiter
    1599. 

  1599. 	return $url . (($append_url) ? $url_delim . $append_url . $amp_delim : $url_delim) . $params . ((!$session_id) ? '' : $amp_delim . 'sid=' . $session_id) . $anchor;
    1600. 

  1600. }
    1601. 

  1601. 

  1602. /**
    1603. 

  1603. * Generate board url (example: http://www.example.com/phpBB)
    1604. 

  1604. *
    1605. 

  1605. * @param bool $without_script_path if set to true the script path gets not appended (example: http://www.example.com)
    1606. 

  1606. *
    1607. 

  1607. * @return string the generated board url
    1608. 

  1608. */
    1609. 

  1609. function generate_board_url($without_script_path = false)
    1610. 

  1610. {
    1611. 

  1611. 	global $config, $user, $request, $symfony_request;
    1612. 

  1612. 

  1613. 	$server_name = $user->host;
    1614. 

  1614. 

  1615. 	// Forcing server vars is the only way to specify/override the protocol
    1616. 

  1616. 	if ($config['force_server_vars'] || !$server_name)
    1617. 

  1617. 	{
    1618. 

  1618. 		$server_protocol = ($config['server_protocol']) ? $config['server_protocol'] : (($config['cookie_secure']) ? 'https://' : 'http://');
    1619. 

  1619. 		$server_name = $config['server_name'];
    1620. 

  1620. 		$server_port = (int) $config['server_port'];
    1621. 

  1621. 		$script_path = $config['script_path'];
    1622. 

  1622. 

  1623. 		$url = $server_protocol . $server_name;
    1624. 

  1624. 		$cookie_secure = $config['cookie_secure'];
    1625. 

  1625. 	}
    1626. 

  1626. 	else
    1627. 

  1627. 	{
    1628. 

  1628. 		$server_port = (int) $symfony_request->getPort();
    1629. 

  1629. 

  1630. 		$forwarded_proto = $request->server('HTTP_X_FORWARDED_PROTO');
    1631. 

  1631. 

  1632. 		if (!empty($forwarded_proto) && $forwarded_proto === 'https')
    1633. 

  1633. 		{
    1634. 

  1634. 			$server_port = 443;
    1635. 

  1635. 		}
    1636. 

  1636. 		// Do not rely on cookie_secure, users seem to think that it means a secured cookie instead of an encrypted connection
    1637. 

  1637. 		$cookie_secure = $request->is_secure() ? 1 : 0;
    1638. 

  1638. 		$url = (($cookie_secure) ? 'https://' : 'http://') . $server_name;
    1639. 

  1639. 

  1640. 		$script_path = $user->page['root_script_path'];
    1641. 

  1641. 	}
    1642. 

  1642. 

  1643. 	if ($server_port && (($cookie_secure && $server_port <> 443) || (!$cookie_secure && $server_port <> 80)))
    1644. 

  1644. 	{
    1645. 

  1645. 		// HTTP HOST can carry a port number (we fetch $user->host, but for old versions this may be true)
    1646. 

  1646. 		if (strpos($server_name, ':') === false)
    1647. 

  1647. 		{
    1648. 

  1648. 			$url .= ':' . $server_port;
    1649. 

  1649. 		}
    1650. 

  1650. 	}
    1651. 

  1651. 

  1652. 	if (!$without_script_path)
    1653. 

  1653. 	{
    1654. 

  1654. 		$url .= $script_path;
    1655. 

  1655. 	}
    1656. 

  1656. 

  1657. 	// Strip / from the end
    1658. 

  1658. 	if (substr($url, -1, 1) == '/')
    1659. 

  1659. 	{
    1660. 

  1660. 		$url = substr($url, 0, -1);
    1661. 

  1661. 	}
    1662. 

  1662. 

  1663. 	return $url;
    1664. 

  1664. }
    1665. 

  1665. 

  1666. /**
    1667. 

  1667. * Redirects the user to another page then exits the script nicely
    1668. 

  1668. * This function is intended for urls within the board. It's not meant to redirect to cross-domains.
    1669. 

  1669. *
    1670. 

  1670. * @param string $url The url to redirect to
    1671. 

  1671. * @param bool $return If true, do not redirect but return the sanitized URL. Default is no return.
    1672. 

  1672. * @param bool $disable_cd_check If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain. Default is false.
    1673. 

  1673. */
    1674. 

  1674. function redirect($url, $return = false, $disable_cd_check = false)
    1675. 

  1675. {
    1676. 

  1676. 	global $user, $phpbb_path_helper, $phpbb_dispatcher;
    1677. 

  1677. 

  1678. 	if (!$user->is_setup())
    1679. 

  1679. 	{
    1680. 

  1680. 		$user->add_lang('common');
    1681. 

  1681. 	}
    1682. 

  1682. 

  1683. 	// Make sure no &amp;'s are in, this will break the redirect
    1684. 

  1684. 	$url = str_replace('&amp;', '&', $url);
    1685. 

  1685. 

  1686. 	// Determine which type of redirect we need to handle...
    1687. 

  1687. 	$url_parts = @parse_url($url);
    1688. 

  1688. 

  1689. 	if ($url_parts === false)
    1690. 

  1690. 	{
    1691. 

  1691. 		// Malformed url
    1692. 

  1692. 		trigger_error('INSECURE_REDIRECT', E_USER_WARNING);
    1693. 

  1693. 	}
    1694. 

  1694. 	else if (!empty($url_parts['scheme']) && !empty($url_parts['host']))
    1695. 

  1695. 	{
    1696. 

  1696. 		// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
    1697. 

  1697. 		if (!$disable_cd_check && $url_parts['host'] !== $user->host)
    1698. 

  1698. 		{
    1699. 

  1699. 			trigger_error('INSECURE_REDIRECT', E_USER_WARNING);
    1700. 

  1700. 		}
    1701. 

  1701. 	}
    1702. 

  1702. 	else if ($url[0] == '/')
    1703. 

  1703. 	{
    1704. 

  1704. 		// Absolute uri, prepend direct url...
    1705. 

  1705. 		$url = generate_board_url(true) . $url;
    1706. 

  1706. 	}
    1707. 

  1707. 	else
    1708. 

  1708. 	{
    1709. 

  1709. 		// Relative uri
    1710. 

  1710. 		$pathinfo = pathinfo($url);
    1711. 

  1711. 

  1712. 		// Is the uri pointing to the current directory?
    1713. 

  1713. 		if ($pathinfo['dirname'] == '.')
    1714. 

  1714. 		{
    1715. 

  1715. 			$url = str_replace('./', '', $url);
    1716. 

  1716. 

  1717. 			// Strip / from the beginning
    1718. 

  1718. 			if ($url && substr($url, 0, 1) == '/')
    1719. 

  1719. 			{
    1720. 

  1720. 				$url = substr($url, 1);
    1721. 

  1721. 			}
    1722. 

  1722. 		}
    1723. 

  1723. 

  1724. 		$url = $phpbb_path_helper->remove_web_root_path($url);
    1725. 

  1725. 

  1726. 		if ($user->page['page_dir'])
    1727. 

  1727. 		{
    1728. 

  1728. 			$url = $user->page['page_dir'] . '/' . $url;
    1729. 

  1729. 		}
    1730. 

  1730. 

  1731. 		$url = generate_board_url() . '/' . $url;
    1732. 

  1732. 	}
    1733. 

  1733. 

  1734. 	// Clean URL and check if we go outside the forum directory
    1735. 

  1735. 	$url = $phpbb_path_helper->clean_url($url);
    1736. 

  1736. 

  1737. 	if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
    1738. 

  1738. 	{
    1739. 

  1739. 		trigger_error('INSECURE_REDIRECT', E_USER_WARNING);
    1740. 

  1740. 	}
    1741. 

  1741. 

  1742. 	// Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2
    1743. 

  1743. 	if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false)
    1744. 

  1744. 	{
    1745. 

  1745. 		trigger_error('INSECURE_REDIRECT', E_USER_WARNING);
    1746. 

  1746. 	}
    1747. 

  1747. 

  1748. 	// Now, also check the protocol and for a valid url the last time...
    1749. 

  1749. 	$allowed_protocols = array('http', 'https', 'ftp', 'ftps');
    1750. 

  1750. 	$url_parts = parse_url($url);
    1751. 

  1751. 

  1752. 	if ($url_parts === false || empty($url_parts['scheme']) || !in_array($url_parts['scheme'], $allowed_protocols))
    1753. 

  1753. 	{
    1754. 

  1754. 		trigger_error('INSECURE_REDIRECT', E_USER_WARNING);
    1755. 

  1755. 	}
    1756. 

  1756. 

  1757. 	/**
    1758. 

  1758. 	* Execute code and/or overwrite redirect()
    1759. 

  1759. 	*
    1760. 

  1760. 	* @event core.functions.redirect
    1761. 

  1761. 	* @var	string	url					The url
    1762. 

  1762. 	* @var	bool	return				If true, do not redirect but return the sanitized URL.
    1763. 

  1763. 	* @var	bool	disable_cd_check	If true, redirect() will redirect to an external domain. If false, the redirect point to the boards url if it does not match the current domain.
    1764. 

  1764. 	* @since 3.1.0-RC3
    1765. 

  1765. 	*/
    1766. 

  1766. 	$vars = array('url', 'return', 'disable_cd_check');
    1767. 

  1767. 	extract($phpbb_dispatcher->trigger_event('core.functions.redirect', compact($vars)));
    1768. 

  1768. 

  1769. 	if ($return)
    1770. 

  1770. 	{
    1771. 

  1771. 		return $url;
    1772. 

  1772. 	}
    1773. 

  1773. 	else
    1774. 

  1774. 	{
    1775. 

  1775. 		garbage_collection();
    1776. 

  1776. 	}
    1777. 

  1777. 

  1778. 	// Behave as per HTTP/1.1 spec for others
    1779. 

  1779. 	header('Location: ' . $url);
    1780. 

  1780. 	exit;
    1781. 

  1781. }
    1782. 

  1782. 

  1783. /**
    1784. 

  1784. * Re-Apply session id after page reloads
    1785. 

  1785. */
    1786. 

  1786. function reapply_sid($url, $is_route = false)
    1787. 

  1787. {
    1788. 

  1788. 	global $phpEx, $phpbb_root_path;
    1789. 

  1789. 

  1790. 	if ($url === "index.$phpEx")
    1791. 

  1791. 	{
    1792. 

  1792. 		return append_sid("index.$phpEx");
    1793. 

  1793. 	}
    1794. 

  1794. 	else if ($url === "{$phpbb_root_path}index.$phpEx")
    1795. 

  1795. 	{
    1796. 

  1796. 		return append_sid("{$phpbb_root_path}index.$phpEx");
    1797. 

  1797. 	}
    1798. 

  1798. 

  1799. 	// Remove previously added sid
    1800. 

  1800. 	if (strpos($url, 'sid=') !== false)
    1801. 

  1801. 	{
    1802. 

  1802. 		// All kind of links
    1803. 

  1803. 		$url = preg_replace('/(\?)?(&amp;|&)?sid=[a-z0…
    1804.

Large files files are truncated, but you can click here to view the full file